I have been working with a kind volunteer who is using OpenVMS Alpha.
It's been quite productive.
While I haven't run into any security exposures, yet, the experience has
enabled me to find a few things to tweak up. For example, the VMS
logging and reporting was clearly superior to what was being put in the
FAL log (which wasn't even timestamped and didn't have the requested
file name).
We ran into some interesting behavior. When ANONYMOUS access is
restricted to the stand-in user and its subdirectories, wildcard listing
requests that are outside of that lexical scope do not report any errors
but rather return zero files (none). That was puzzling because the part
of the code that did the access check was clearly doing the reject with
appropriate return values.
Further analysis showed that in the main loop for stepping wildcards, a
reject causes the file in question to be skipped; nothing is actually
done with the return values. I believe this may be intended behavior
for two reasons. The first is that if the wildcard includes files to
which the ANONYMOUS user does legitimately have access, it's friendlier
to report those as opposed to stopping everything.
The other reason I believe has to do with DAP itself; I don't think you
can return more than one return value per ACCESS request, even with a
wildcarded file specification. So perhaps this isn't a bug so much as
an unintended consequence? Does anybody know what the behavior should be?
At any rate, I don't believe the current behavior is 'informative'.
What I'm thinking of doing is saving the last error code and returning
that if the count of files returned in list is zero. Otherwise, the
user had something to look at.
Do I have any volunteers who operate something besides VMS? I'd be
interested in RSX(+), IAS, RSTS and OS-8. They never did DECnet on
RT-11, did they?
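
The wildcard loop and the proposed change described in the message above, as an added C sketch that is not part of the original post and not the FAL source. The status codes, function names, the `[ANONYMOUS` root and the sample file specifications are all constructed assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for illustration; not real DAP values. */
enum { ST_OK = 0, ST_NO_FILES = 1, ST_PRIVILEGE = 2 };

/* Lexical scope check: spec must sit in root's directory or below it.
 * root is given without the closing bracket, e.g. "[ANONYMOUS". */
static int in_scope(const char *root, const char *spec)
{
    size_t n = strlen(root);
    /* The next character must end the directory name, so that
     * "[ANONYMOUSX]" does not pass as a subdirectory. */
    return strncmp(spec, root, n) == 0 && (spec[n] == '.' || spec[n] == ']');
}

/* Step through the files a wildcard matched. Rejected files are still
 * skipped, but the last reject is remembered and returned when the
 * resulting list is empty. */
static int list_wildcard(const char *root, const char *const *matched,
                         size_t n, const char **out, size_t *n_out)
{
    int last_err = ST_NO_FILES;          /* wildcard matched nothing */
    *n_out = 0;
    for (size_t i = 0; i < n; i++) {
        if (!in_scope(root, matched[i])) {
            last_err = ST_PRIVILEGE;     /* remember instead of dropping */
            continue;
        }
        out[(*n_out)++] = matched[i];
    }
    return *n_out > 0 ? ST_OK : last_err;
}

/* Constructed sample data. */
static const char *const MIXED[] = { "[ANONYMOUS.PUB]README.TXT",
                                     "[ANONYMOUSX]NOTES.TXT",
                                     "[SYSTEM]CONFIG.DAT" };
static const char *const OUTSIDE[] = { "[SYSTEM]CONFIG.DAT", "[SYSTEM]LOG.DAT" };

int main(void)
{
    const char *out[3];
    size_t n_out;
    int st = list_wildcard("[ANONYMOUS", MIXED, 3, out, &n_out);
    printf("mixed:   status=%d files=%zu\n", st, n_out);
    st = list_wildcard("[ANONYMOUS", OUTSIDE, 2, out, &n_out);
    printf("outside: status=%d files=%zu\n", st, n_out);
    return 0;
}
```

With the mixed list the permitted file is returned and the rejects stay silent; with the out-of-scope list the caller gets the saved reject status instead of an empty success.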